DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
General
-
Target
94489bb20448f1afd2307139e06246b1_JaffaCakes118
-
Size
1.0MB
-
MD5
94489bb20448f1afd2307139e06246b1
-
SHA1
557ee9cf46914b5716e55a3807e4bf6f0ee9416b
-
SHA256
f7cf97c7daeb95f2c5d9503774b3e1fd18faece4efeebec7d733134a1229f051
-
SHA512
1901c5869b619a7db9ebfcb7743f6010496d94e3847e7077d71931ceb5061d805d095b8a09766a03cd10a67da616016281f2f75d5b13c9dc4d689bbaeeed63c1
-
SSDEEP
24576:Co5r2HGKESukjA+YxGM6ifSKiecYZJacAlLK1XvoTVIg9izv:/QHGKESF72KezjAlLyXvoTig4zv
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
94489bb20448f1afd2307139e06246b1_JaffaCakes118
Headers
Exports
Sections